{% block content %} {% load static %} MobSF Static Analysis Report {% if host_os == 'windows' %} {% else %} {% endif %}
ANDROID STATIC ANALYSIS REPORT



app_icon

{{ app_name }} {% if version_name %} ({{version_name}}) {% endif %}






{% if trackers|key:"trackers" %} {% endif %} {% if virus_total and virus_total.items|length > 9 and 'request successfully queued' not in virus_total.verbose_msg %} {% endif %}

File Name:

{{file_name}}

Package Name:

{{ package_name }}

Average CVSS Score:

{% if average_cvss > 6 %} {{ average_cvss }} {% elif average_cvss == 0 %} {{ average_cvss }} {% elif average_cvss >= 4 %} {{ average_cvss }} {% elif average_cvss < 4 %} {{ average_cvss }} {% endif %}

App Security Score:

{% if security_score < 16 %} {{ security_score }}/100 (CRITICAL RISK) {% elif security_score < 41 %} {{ security_score }}/100 (HIGH RISK) {% elif security_score < 71 %} {{ security_score }}/100 (MEDIUM RISK) {% else %} {{ security_score }}/100 (LOW RISK) {% endif %}

Trackers Detection:

0 %} class="warning" {% endif %}>{{ trackers.detected_trackers }}/{{ trackers.total_trackers }}

VirusTotal Detection:

{{ virus_total.positives }}/{{ virus_total.total }}

Scan Date:

{{ timestamp }}

















FILE INFORMATION

File Name:
{{ file_name }}
Size:
{{ size }}
MD5:
{{ md5 }}
SHA1:
{{ sha1 }}
SHA256:
{{ sha256 }}

APP INFORMATION

App Name:
{{ app_name }}
Package Name:
{{ package_name }}
Main Activity:
{{ main_activity }}
Target SDK:
{{ target_sdk }}
Min SDK:
{{ min_sdk }}
Max SDK:
{{ max_sdk }}
Android Version Name:
{{ version_name }}
Android Version Code:
{{ version_code }}

APP COMPONENTS

Activities:
{{ activities | length }}
Services:
{{ services | length }}
Receivers:
{{ receivers | length }}
Providers:
{{ providers | length }}
Exported Activities:
0 %} class="danger" {% endif %}> {{ exported_count.exported_activities }}
Exported Services:
0 %} class="danger" {% endif %}> {{ exported_count.exported_services }}
Exported Receivers:
0 %} class="danger" {% endif %}> {{ exported_count.exported_receivers }}
Exported Providers:
0 %} class="danger" {% endif %}> {{ exported_count.exported_providers }}

CERTIFICATE INFORMATION

{% if certificate_analysis.certificate_info %}

{{ certificate_analysis.certificate_info }}

{% for find in certificate_analysis.certificate_findings %} {% endfor %}
STATUS DESCRIPTION
{% if find.0 == 'bad' %} bad {% elif find.0 == 'good' %} secure {% elif find.0 == 'warning' %} warning {% endif %} {{ find.1 }}
{% else %} Failed to read Code Signing Certificate or none available. {% endif %} {% if permissions %}

APPLICATION PERMISSIONS

{% for perm,desc in permissions.items %} {% endfor %}
PERMISSION STATUS INFO DESCRIPTION
{{ perm }} {% if desc.status == 'dangerous' %} dangerous {% elif desc.status == 'normal' %} normal {% elif desc.status == 'signatureOrSystem' %} SignatureOrSystem {% elif desc.status == 'signature' %} signature {% elif desc.status == 'unknown' %} unknown {% endif %} {{ desc.info }} {{ desc.description }}
{% endif %} {% if virus_total and virus_total.items|length > 9 and 'request successfully queued' not in virus_total.verbose_msg %}

VIRUSTOTAL SCAN

{{ virus_total.positives }} / {{ virus_total.total }}
  AVs found this file Malicious!

{% if virus_total.positives %} {% for av_name,av_result in virus_total.scans.items %} {% if av_result.detected == True %} {% endif %} {% endfor %}
AV DETECTION
{{ av_name }} {{ av_result.result }}
{% endif %} {% endif %} {% if apkid %}

APKID ANALYSIS

{% if apkid %} {% for file, details in apkid.items %} {% endfor %} {% else %}

APKiD not enabled.

{% endif %}
FILE DETAILS
{{file}} {% for detail, idens in details.items %} {% endfor %}
FINDINGS DETAILS
{% if detail == "anti_vm" %} Anti-VM Code {% elif detail == "anti_disassembly" %} Anti Disassembly Code {% elif detail == "anti_debug" %} Anti Debug Code {% elif detail == "compiler" %} Compiler {% elif detail == "abnormal" %} Abnormal Code {% elif detail == "obfuscator" %} Obfuscator {% elif detail == "protector" %} Protector {% elif detail == "packer" %} Packer Found {% elif detail == "dropper" %} Dropper Found {% elif detail == "manipulator" %} Manipulator Found {% else %} {{detail}} {% endif %} {% for idn in idens %} {{ idn }}
{% endfor %}
{% endif %} {% if browsable_activities %}

BROWSABLE ACTIVITIES

{% for activity,intent_details in browsable_activities.items %}
ACTIVITY INTENT
{{activity}} {% if intent_details|key:"schemes" %} Schemes: {% for scheme in intent_details|key:"schemes" %} {{scheme}}, {% endfor %}
{% endif %} {% if intent_details|key:"hosts" %} Hosts: {% for host in intent_details|key:"hosts" %} {{host}}, {% endfor %}
{% endif %} {% if intent_details|key:"ports" %} Ports: {% for port in intent_details|key:"ports" %} {{port}}, {% endfor %}
{% endif %} {% if intent_details|key:"mime_types" %} Mime Types: {% for mime in intent_details|key:"mime_types" %} {{mime}}, {% endfor %}
{% endif %} {% if intent_details|key:"paths" %} Paths: {% for path in intent_details|key:"paths" %} {{path}}, {% endfor %}
{% endif %} {% if intent_details|key:"path_prefixs" %} Path Prefixes: {% for prefix in intent_details|key:"path_prefixs" %} {{prefix}}, {% endfor %}
{% endif %} {% if intent_details|key:"path_patterns" %} Path Patterns: {% for pattern in intent_details|key:"path_patterns" %} {{pattern}}, {% endfor %}
{% endif %} {% endfor %}
{% endif %}

NETWORK SECURITY

{% for item in network_security %} {% endfor %}
NO SCOPE SEVERITY DESCRIPTION
{{ forloop.counter }} {% for url in item.scope %} {{ url }}
{% endfor %}
{% if item.severity == "high" %} high {% elif item.severity == "good" %} good {% elif item.severity == "info" %} info {% elif item.severity == "warning" %} warning {% endif %} {{item.description }}

MANIFEST ANALYSIS

{% for item in manifest_analysis %} {% endfor %}
NO ISSUE SEVERITY DESCRIPTION
{{ forloop.counter }} {{item|key:"title" | safe}} {% if item|key:"stat" == "high" %} high {% elif item|key:"stat" == "info" %} info {% elif item|key:"stat" == "medium" %} medium {% endif %} {{item|key:"desc"}}

CODE ANALYSIS

{% for rule, details in code_analysis.items %} {% endfor %}
NO ISSUE SEVERITY STANDARDS FILES
{{ forloop.counter }} {% if details.metadata|key:"ref" %} {{ details.metadata.description }} {% else %} {{ details.metadata.description }} {% endif %} {% if details.metadata.severity == "high" %} high {% elif details.metadata.severity == "good" %} secure {% elif details.metadata.severity == "warning" %} warning {% elif details.metadata.severity == "info" %} info {% endif %} CVSS V2: {{ details.metadata.cvss }} {% if details.metadata.cvss > 6 %} (high) {% elif details.metadata.cvss == 0 %} (info) {% elif details.metadata.cvss >= 4 %} (medium) {% elif details.metadata.cvss < 4 %} (low) {% endif %} {% if details.metadata.cwe %}
CWE: {{ details.metadata.cwe }}{% endif %} {% if details.metadata|key:"owasp-mobile" %}
OWASP Top 10: {{ details.metadata|key:"owasp-mobile" }}{% endif %} {% if details.metadata.masvs %}
OWASP MASVS: {{ details.metadata.masvs }}{% endif %}
{% for file_path in details.files %} {{ file_path }}
{% endfor %}
{% if binary_analysis %}

SHARED LIBRARY BINARY ANALYSIS

{% if not binary_analysis %} No Shared Objects found. {% endif %} {% for so in binary_analysis %} {% endfor %}
NO SHARED OBJECT NX STACK CANARY RELRO RPATH RUNPATH FORTIFY SYMBOLS STRIPPED
{{ forloop.counter }} {{so.name}} {{so.nx.is_nx}}
{{so.nx.severity}}
{{so.nx.description}}
{{so.stack_canary.has_canary}}
{{so.stack_canary.severity}}
{{so.stack_canary.description}}
{{so.relocation_readonly.relro}}
{{so.relocation_readonly.severity}}
{{so.relocation_readonly.description}}
{{so.rpath.rpath}}
{{so.rpath.severity}}
{{so.rpath.description}}
{{so.runpath.runpath}}
{{so.runpath.severity}}
{{so.runpath.description}}
{{so.fortify.is_fortified}}
{{so.fortify.severity}}
{{so.fortify.description}}
{{so.symbol.is_stripped}}
{{so.symbol.severity}}
{{so.symbol.description}}
{% endif %}

NIAP ANALYSIS v1.3

{% for iden, details in niap_analysis.items %} {% endfor %}
NO IDENTIFIER REQUIREMENT FEATURE DESCRIPTION
{{ forloop.counter }} {{ iden }} {{ details.class }} {{ details.description }} {{ details.choice }}
{% if domains %}

DOMAIN MALWARE CHECK

{% for domain, details in domains.items %} {% endfor %}
DOMAIN STATUS GEOLOCATION
{{domain}} {% if details|key:"bad" == "yes" %} malware
URL:
{{details|key:"domain_or_url"}}
IP:
{{details|key:"ip"}}
Description:
{{details|key:"desc"}} {% else %} good
{% endif %}
{% if details|key:"geolocation" %}
IP:
{{details|key:"geolocation"|key:"ip"}}
Country:
{{details|key:"geolocation"|key:"country_long"}}
Region:
{{details|key:"geolocation"|key:"region"}}
City:
{{details|key:"geolocation"|key:"city"}}
Latitude:
{{details|key:"geolocation"|key:"latitude"}}
Longitude:
{{details|key:"geolocation"|key:"longitude"}}
View:
Google Map {% else %} No Geolocation information available. {% endif %}
{% endif %} {% if urls %}

URLS

{% for urldict in urls %} {% endfor %}
URL FILE
{% for u in urldict|key:"urls" %} {{ u }}
{% endfor %}
{{urldict|key:"path"}}
{% endif %} {% if firebase_urls %}

FIREBASE DATABASES

{% for item in firebase_urls %} {% endfor %}
FIREBASE URL DETAILS
{{ item.url }} {% if item.open %} insecure
Firebase DB is exposed publically. {% else %} info
App talks to a Firebase Database. {% endif %}
{% endif %} {% if emails %}

EMAILS

{% for email_dict in emails %} {% endfor %}
EMAIL FILE
{% for em in email_dict|key:"emails" %} {{ em }}
{% endfor %}
{{email_dict|key:"path"}}
{% endif %} {% if trackers|key:"trackers" %}

TRACKERS

{% for trk in trackers|key:"trackers" %} {% for k, v in trk.items %} {% endfor %} {% endfor %}
TRACKER URL
{{k}} {{v}}
{% endif %} {% if secrets %}

HARDCODED SECRETS

{% for sec in secrets %} {% endfor %}
POSSIBLE SECRETS
{{ sec }}
{% endif %} {% if not playstore_details.error %}

PLAYSTORE INFORMATION

Title:
{{ playstore_details.title }}

Score:
{{ playstore_details.score}}
Installs:
{{ playstore_details.installs }}
Price:
{{ playstore_details.price }}
Android Version Support:
{{ playstore_details.androidVersionText }}
Category:
{{ playstore_details.genre }}
Play Store URL:
{{ package_name }}

Developer Details:
{{playstore_details.developer}}, {{playstore_details.developerId}}, {{playstore_details.developerAddress }}, {{playstore_details.developerWebsite}}, {{playstore_details.developerEmail}},

Release Date:
{{ playstore_details.released }}
Privacy Policy:
Privacy link

Description:

{{ playstore_details.description }}

{% endif %}

App Security Score Calculation

Every app is given an ideal score of 100 to begin with.
For every findings with severity high we reduce 15 from the score.
For every findings with severity warning we reduce 10 from the score.
For every findings with severity good we add 5 to the score.
If the calculated score is greater than 100, then the app security score is considered as 100.
And if the calculated score is less than 0, then the app security score is considered as 10.

Risk Calculation

APP SECURITY SCORE RISK
0 - 15 CRITICAL
16 - 40 HIGH
41 - 70 MEDIUM
71 - 100 LOW



Report Generated by - MobSF {{ version }}

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

© {% now "Y" %} Mobile Security Framework - MobSF | Ajin Abraham | OpenSecurity.

{% endblock %}